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Amendments to the Claims : L 

This listing of claims will replace all prior versions, and listings, of claims in 
the application: 



Listing of Claims: 

1 . (Original) A cryptographic system in a computer system, the cryptographic 
system comprising: V 

a central server; r 
a remote server; 

a database on the central server responsive to signals from the central t 
server, the database being configured to contain sensitive 
information; 
enterprise credentials stored in the database; 

a key repository process on the central server, the key repository process f 

having one or more master keys for managing information in the - 

database, the key repository process further configured to access l~ 

the enterprise credentials and to authenticate authorizations to [- 

i." 

access the sensitive information in the database; 

i. j 

an agent on the remote server the agent acting on behalf of the key r 

repository process on the central server; and I 

at least one application on the remote server; [" 

wherein the agent authenticates authorizations of specific applications to ;~ 

access resources based upon authorizations held and maintained : - : 
by the key repository process on the central server. 

f; 

2. (Original) A cryptographic system as in claim 1 , wherein the key repository 
process and the agent communicate with each other, the communication being F 
authenticated by a shared secret, and wherein the shared secret is protected by a 
level of trust equivalent to that with which the shared secret is protected on the l 
central server by the key repository process. L 
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3. (Original) A cryptographic system as in claim 2, wherein the level of trust 
is defined as the number of individuals required for reconstructing the master key r 
and/or for performing a sensitive operation. 

4. (Original) A cryptographic system as tn claim 1, wherein the agent in the 
remote server is an independent key repository process with a level of trust 
equivalent to that of the key repository process in the central server. i: 

i... 

5. (Original) The cryptographic system of claim 1, wherein at least one 
master key protects the sensitive information in the database. 

6. (Original) The cryptographic system of claim 1, wherein at least one K 
master key provides privacy protection to the sensitive information. r 

7. (Original) A method used in a cryptographic system for obtaining sensitive ! 
information, comprising: 

storing enterprise credentials in a database on a central server, the 

database being configured to contain sensitive information; -~ 
establishing one or more master keys for managing information in the 

database by a key repository process, the key repository process i 

being configured to access the enterprise credentials; [ 

authenticating, by the key repository process, authorizations to access the j*- 

sensitive information in the database; j" 

establishing communications between the key repository process on the P 

central server and an agent on a remote server, the agent acting on r 

behalf of the key repository process on the central server; and j. 

authenticating, by the agent, authorizations of specific applications on the L 

remote server to access resources based upon authorizations held j" : 

and maintained by the key repository process on the central server. j : 

c 
f- 
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8. (Original) A method for obtaining cryptographic credentials by an 
application running on a computer system, comprising: 

providing a computer system having at least one server and a 
cryptographically protected database; 

instantiating a key repository process on the computer system 1 the key 
repository process being configured with a remote agent interface 
and/or for interface via a trusted link; 

instantiating an application process on the computer system; 

conducting, by the application process, a query of the key repository 
process for sensitive information, the query being conducted via the 
remote agent interface or the trusted link if the application process 
and the key repository process are located on different servers; and 

providing to the application process, by the key repository process, an 
encrypted file of the sensitive information, the encrypted file being 
provided via the remote agent interface or the trusted link if the 
application process and the key repository process are located on 
different servers. 



(New) A system comprising: 

a central server containing a cryptographically protected database and 

configured to execute a key repository process that controls access 

to the database; and 
a remote server communicatively coupled to the central server, the remote 

server configured to execute an agent process that acts on behalf 

of the key repository process, and the remote sever further 

configured to execute an application program; 
wherein the agent process acts on behalf of the key repository process to 

authenticate authorization of the application program to access the 

cryptographically protected database. 
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10. (New) The system as defined in claim 9 wherein the agent process is an 
independent key repository process with a level of trust equivalent to that of the 
key repository process of the central server. 

1 1 . (New) A system comprising: 

a remote server configured to communicatively couple to a central server; 
an agent process on the remote server, wherein the agent process acts on 

behalf of a key repository process executing on a central server, 

and 

application program on the remove server; 

wherein the agent process is configured to authenticate authorization of 
the application program on behalf of the key repository process to 
access a cryptographically protected database on the central 



1 2. (New) The system as defined in claim 1 1 wherein the agent process in the 
remote server configured to be an independent key repository process with a 
level of trust equivalent to that of the key repository process of the central server. 

13. (New) A system comprising: 
a central server; 

a database on the central server configured to contain sensitive 
information; and 

a key repository process on the central server, the key repository process 
having one or more master keys for managing information in the 
database and to authenticate authorizations to access the sensitive 
information in the database by applications on remote servers. 

14. (New) The system of claim 13 wherein the key repository process 
authenticates authorizations to access the sensitive information at least in part by 

Wcjy of an agent process executing on trie remote server. 
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15, (New) The system of claim 13 wherein at least one master key protects 
the sensitive information in the database. 

16, (New) The system of claim 13 wherein at least one master key provides 
privacy protection to the sensitive information. 
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